Issue metadata
Sign in to add a comment
|
ASSERTION FAILED: isAllowedToQueryCompositingState() on youtube by mouse wheel scrolling |
||||||||||||||||||||||||
Issue description<b>Version: <Kenneth, what is the frequency?></b> OS: Win 10 What steps will reproduce the problem? (1) Run content_shell --no-sandbox https://www.youtube.com (2) Play any video with large size (3) Up/Down scroll with mouse wheel until assertion failure ASSERTION FAILED: isAllowedToQueryCompositingState() Backtrace: blink::PaintLayer::compositingState [0x000000000BC6257A+58] (c:\src\w\cr\src\third_party\webkit\source\core\paint\paintlayer.cpp:2284) (No symbol) [0x000000000BBFEC6C] (c:\src\w\cr\src\third_party\webkit\source\core\page\scrolling\scrollingcoordinator.cpp:990) (No symbol) [0x000000000BBFFE7E] (c:\src\w\cr\src\third_party\webkit\source\core\page\scrolling\scrollingcoordinator.cpp:1038) (No symbol) [0x000000000B0B0BA3] (c:\src\w\cr\src\third_party\webkit\source\core\page\scrolling\scrollingcoordinator.h:97) blink::FrameView::shouldScrollOnMainThread [0x000000000B9CAFC1+49] (c:\src\w\cr\src\third_party\webkit\source\core\frame\frameview.cpp:694) blink::ScrollAnimator::willAnimateToOffset [0x000000000660A270+656] (c:\src\w\cr\src\third_party\webkit\source\platform\scroll\scrollanimator.cpp:191) blink::ScrollAnimator::notifyAnimationTakeover [0x0000000006608C95+229] (c:\src\w\cr\src\third_party\webkit\source\platform\scroll\scrollanimator.cpp:425) blink::CompositorAnimationPlayer::NotifyAnimationTakeover [0x000000000619E0FE+158] (c:\src\w\cr\src\third_party\webkit\source\platform\animation\compositoranimationplayer.cpp:116) cc::AnimationPlayer::NotifyAnimationTakeover [0x00000000036174DB+363] (c:\src\w\cr\src\cc\animation\animation_player.cc:222) (No symbol) [0x000000000362CE89] (c:\src\w\cr\src\cc\animation\element_animations.cc:1432) cc::ElementAnimations::NotifyAnimationTakeover [0x000000000362C352+386] (c:\src\w\cr\src\cc\animation\element_animations.cc:281) (No symbol) [0x0000000003605286] (c:\src\w\cr\src\cc\animation\animation_host.cc:336) cc::LayerTreeHost::SetAnimationEvents [0x0000000003A25874+308] (c:\src\w\cr\src\cc\trees\layer_tree_host.cc:757) cc::ProxyMain::SetAnimationEvents [0x0000000003B39F7B+459] (c:\src\w\cr\src\cc\trees\proxy_main.cc:100) base::internal::RunnableAdapter<void (__cdecl cc::ProxyMain::*)(std::unique_ptr<cc::AnimationEvents,std::default_delete<cc::AnimationEvents> >) __ptr64>::Run<base::WeakPtr<cc::ProxyMain> const & __ptr64,std::unique_ptr<cc::AnimationEvents,std::default_del [0x0000000003B612E2+82] (c:\src\w\cr\src\base\bind_internal.h:188) base::internal::InvokeHelper<1,void>::MakeItSo<base::internal::RunnableAdapter<void (__cdecl cc::ProxyMain::*)(std::unique_ptr<cc::AnimationEvents,std::default_delete<cc::AnimationEvents> >) __ptr64> const & __ptr64,base::WeakPtr<cc::ProxyMain> const & __ [0x0000000003B609E6+102] (c:\src\w\cr\src\base\bind_internal.h:327) base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl cc::ProxyMain::*)(std::unique_ptr<cc::AnimationEvents,std::default_delete<cc::AnimationEvents> >) __ptr64>,base::WeakPtr<cc::ProxyMain> & __ptr64,base::interna [0x0000000003B61A38+120] (c:\src\w\cr\src\base\bind_internal.h:379) base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl cc::ProxyMain::*)(std::unique_ptr<cc::AnimationEvents,std::default_delete<cc::AnimationEvents> >) __ptr64>,base::WeakPtr<cc::ProxyMain> & __ptr64,base::interna [0x0000000003B66FE3+51] (c:\src\w\cr\src\base\bind_internal.h:362) base::Callback<void __cdecl(void),1>::Run [0x000000000123E5A8+40] (c:\src\w\cr\src\base\callback.h:390) base::debug::TaskAnnotator::RunTask [0x000000000127DB3A+474] (c:\src\w\cr\src\base\debug\task_annotator.cc:53) scheduler::TaskQueueManager::ProcessTaskFromWorkQueue [0x0000000024558EE8+1464] (c:\src\w\cr\src\components\scheduler\base\task_queue_manager.cc:295) (No symbol) [0x000000002455738F] (c:\src\w\cr\src\components\scheduler\base\task_queue_manager.cc:203) base::internal::RunnableAdapter<void (__cdecl scheduler::TaskQueueManager::*)(base::TimeTicks,bool) __ptr64>::Run<base::WeakPtr<scheduler::TaskQueueManager> const & __ptr64,base::TimeTicks const & __ptr64,bool const & __ptr64> [0x000000002454C8A8+88] (c:\src\w\cr\src\base\bind_internal.h:188) base::internal::InvokeHelper<1,void>::MakeItSo<base::internal::RunnableAdapter<void (__cdecl scheduler::TaskQueueManager::*)(base::TimeTicks,bool) __ptr64> const & __ptr64,base::WeakPtr<scheduler::TaskQueueManager> const & __ptr64,base::TimeTicks const & [0x000000002454C7E2+130] (c:\src\w\cr\src\base\bind_internal.h:327) base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl scheduler::TaskQueueManager::*)(base::TimeTicks,bool) __ptr64>,base::WeakPtr<scheduler::TaskQueueManager>,base::TimeTicks,bool>,void __cdecl(void)>::RunImpl<ba [0x000000002454CA3A+154] (c:\src\w\cr\src\base\bind_internal.h:383) base::internal::Invoker<base::internal::BindState<base::internal::RunnableAdapter<void (__cdecl scheduler::TaskQueueManager::*)(base::TimeTicks,bool) __ptr64>,base::WeakPtr<scheduler::TaskQueueManager>,base::TimeTicks,bool>,void __cdecl(void)>::Run [0x0000000024559833+51] (c:\src\w\cr\src\base\bind_internal.h:362) base::Callback<void __cdecl(void),1>::Run [0x000000000123E5A8+40] (c:\src\w\cr\src\base\callback.h:390) base::debug::TaskAnnotator::RunTask [0x000000000127DB3A+474] (c:\src\w\cr\src\base\debug\task_annotator.cc:53) base::MessageLoop::RunTask [0x0000000001311889+953] (c:\src\w\cr\src\base\message_loop\message_loop.cc:494) base::MessageLoop::DeferOrRunPendingTask [0x000000000130E9DC+60] (c:\src\w\cr\src\base\message_loop\message_loop.cc:505) base::MessageLoop::DoWork [0x000000000130F219+297] (c:\src\w\cr\src\base\message_loop\message_loop.cc:624) base::MessagePumpDefault::Run [0x000000000131A42A+250] (c:\src\w\cr\src\base\message_loop\message_pump_default.cc:35) base::MessageLoop::RunHandler [0x0000000001311486+246] (c:\src\w\cr\src\base\message_loop\message_loop.cc:458) base::RunLoop::Run [0x00000000013F515D+61] (c:\src\w\cr\src\base\run_loop.cc:36) base::MessageLoop::Run [0x0000000001311339+233] (c:\src\w\cr\src\base\message_loop\message_loop.cc:296) (No symbol) [0x00000001837686C5] (c:\src\w\cr\src\content\renderer\renderer_main.cc:198) content::RunNamedProcessTypeMain [0x0000000183D47B64+212] (c:\src\w\cr\src\content\app\content_main_runner.cc:418) content::ContentMainRunnerImpl::Run [0x0000000183D479A8+632] (c:\src\w\cr\src\content\app\content_main_runner.cc:785) content::ContentMain [0x0000000183D450B1+129] (c:\src\w\cr\src\content\app\content_main.cc:20) main [0x000000014018FB62+114] (c:\src\w\cr\src\content\shell\app\shell_main.cc:33) invoke_main [0x0000000142018864+52] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:65) __scrt_common_main_seh [0x000000014201871E+302] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:255) __scrt_common_main [0x00000001420185DE+14] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:300) mainCRTStartup [0x0000000142018889+9] (f:\dd\vctools\crt\vcstartup\src\startup\exe_main.cpp:17) BaseThreadInitThunk [0x00007FFC883F8102+34] RtlUserThreadStart [0x00007FFC884EC5B4+52]
,
Jun 29 2016
,
Jun 29 2016
ymalik@ this seems in your wheelhouse
,
Jul 4 2016
This happens on Linux as well (r403690): Standard output: ******************************************************************************** ASSERTION FAILED: isAllowedToQueryCompositingState() ../../third_party/WebKit/Source/core/paint/PaintLayer.cpp(2284) : blink::CompositingState blink::PaintLayer::compositingState() const 1 0x7f994da27743 blink::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects(blink::FrameView*) const 2 0x7f994da244ae blink::ScrollingCoordinator::mainThreadScrollingReasons() const 3 0x7f994d8bf65f blink::FrameView::shouldScrollOnMainThread() const 4 0x7f99553cd515 blink::ScrollAnimator::willAnimateToOffset(blink::FloatPoint const&) 5 0x7f99553cd2f8 blink::ScrollAnimator::userScroll(blink::ScrollGranularity, blink::FloatSize const&) 6 0x7f994d8fe771 blink::RootFrameViewport::userScroll(blink::ScrollGranularity, blink::FloatSize const&) 7 0x7f994dc0b2f7 blink::LayoutView::scroll(blink::ScrollGranularity, blink::FloatSize const&) 8 0x7f994d472884 blink::ScrollManager::logicalScroll(blink::ScrollDirection, blink::ScrollGranularity, blink::Node*, blink::Node*) 9 0x7f994d47296e blink::ScrollManager::bubblingScroll(blink::ScrollDirection, blink::ScrollGranularity, blink::Node*, blink::Node*) 10 0x7f99550cab0c blink::WebViewImpl::scrollViewWithKeyboard(int, int) 11 0x7f99550c9101 blink::WebViewImpl::keyEventDefault(blink::WebKeyboardEvent const&) 12 0x7f99550c8cd4 blink::WebViewImpl::handleKeyEvent(blink::WebKeyboardEvent const&) 13 0x7f9955048bfd 14 0x7f99550c7bd4 blink::WebViewImpl::handleInputEvent(blink::WebInputEvent const&) 15 0x7f9958a4990c content::RenderWidgetInputHandler::HandleInputEvent(blink::WebInputEvent const&, ui::LatencyInfo const&, content::InputEventDispatchType) 16 0x7f9958adf27f 17 0x7f9958adea27 content::RenderWidget::OnMessageReceived(IPC::Message const&) 18 0x7f9958ace293 content::RenderViewImpl::OnMessageReceived(IPC::Message const&) 19 0x7f99576e0b37 IPC::MessageRouter::RouteMessage(IPC::Message const&) 20 0x7f99576e0a78 IPC::MessageRouter::OnMessageReceived(IPC::Message const&) 21 0x7f9957fc4433 content::ChildThreadImpl::OnMessageReceived(IPC::Message const&) 22 0x7f9958259d27 23 0x7f99582bd903 24 0x7f995a962759 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) 25 0x7f9950ba6f27 scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(scheduler::internal::WorkQueue*, scheduler::internal::TaskQueueImpl::Task*) 26 0x7f9950ba5c65 scheduler::TaskQueueManager::DoWork(base::TimeTicks, bool) 27 0x7f9950ba7e89 28 0x7f995a962759 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) 29 0x7f995a98d085 base::MessageLoop::RunTask(base::PendingTask const&) 30 0x7f995a98d3b8 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) 31 0x7f995a98d74b base::MessageLoop::DoWork() ******************************************************************************** To reproduce: 1. Compile release Chrome with dcheck_always_on=true. 2. Go to www.taobao.com and wait until it loads. 3. Keep pressing Page Down until the renderer crashes.
,
Jul 4 2016
The same goes for Android:
ASSERTION FAILED: isAllowedToQueryCompositingState()
../../third_party/WebKit/Source/core/paint/PaintLayer.cpp(2284) : blink::CompositingState blink::PaintLayer::compositingState() const
beginning of crash
Fatal signal 11 (SIGSEGV), code 1, fault addr 0xfbadbeef in tid 10446 (CrRendererMain)
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'google/hammerhead/hammerhead:5.1.1/LMY49M/2916557:userdebug/dev-keys'
Revision: '11'
ABI: 'arm'
pid: 10420, tid: 10446, name: CrRendererMain >>> com.google.android.apps.chrome:sandboxed_process0 <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xfbadbeef
r0 b35116f8 r1 fffffffe r2 ee00bfe6 r3 fbadbeef
r4 00000000 r5 54a14e00 r6 54a14e00 r7 b35117a8
r8 993a1908 r9 00000001 sl 00000000 fp 00000029
ip a05938e4 sp b3511798 lr a18baa3f pc 9fa9c828 cpsr 880f0030
backtrace:
#00 pc 00915828 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZNK5blink10PaintLayer16compositingStateEv+39)
#01 pc 008f155d /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZNK5blink20ScrollingCoordinator47hasVisibleSlowRepaintViewportConstrainedObjectsEPNS_9FrameViewE+436)
#02 pc 008f1687 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZNK5blink20ScrollingCoordinator26mainThreadScrollingReasonsEv+194)
#03 pc 00823cc1 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZNK5blink9FrameView24shouldScrollOnMainThreadEv+22)
#04 pc 0018c4eb /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_platform.cr.so (_ZN5blink14ScrollAnimator19willAnimateToOffsetERKNS_10FloatPointE+350)
#05 pc 0018c865 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_platform.cr.so (_ZN5blink14ScrollAnimator10userScrollENS_17ScrollGranularityERKNS_9FloatSizeE+220)
#06 pc 00849471 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZN5blink17RootFrameViewport10userScrollENS_17ScrollGranularityERKNS_9FloatSizeE+332)
#07 pc 009fc449 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZN5blink10LayoutView6scrollENS_17ScrollGranularityERKNS_9FloatSizeE+44)
#08 pc 0058b065 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZN5blink13ScrollManager13logicalScrollENS_15ScrollDirectionENS_17ScrollGranularityEPNS_4NodeES4_+312)
#09 pc 0058b0c5 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZN5blink13ScrollManager14bubblingScrollENS_15ScrollDirectionENS_17ScrollGranularityEPNS_4NodeES4_+36)
#10 pc 00580309 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_core.cr.so (_ZN5blink12EventHandler14bubblingScrollENS_15ScrollDirectionENS_17ScrollGranularityEPNS_4NodeE+10)
#11 pc 000d64f7 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_web.cr.so (_ZN5blink11WebViewImpl22scrollViewWithKeyboardEii+106)
#12 pc 000daf4b /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_web.cr.so (_ZN5blink11WebViewImpl15keyEventDefaultERKNS_16WebKeyboardEventE+162)
#13 pc 000df6c1 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_web.cr.so (_ZN5blink11WebViewImpl14handleKeyEventERKNS_16WebKeyboardEventE+644)
#14 pc 0008a8bd /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_web.cr.so
#15 pc 000dfbc7 /data/app/com.google.android.apps.chrome-1/lib/arm/libblink_web.cr.so (_ZN5blink11WebViewImpl16handleInputEventERKNS_13WebInputEventE+530)
#16 pc 00a13c11 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so (_ZN7content24RenderWidgetInputHandler16HandleInputEventERKN5blink13WebInputEventERKN2ui11LatencyInfoENS_22InputEventDispatchTypeE+3496)
#17 pc 00a6f431 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#18 pc 00a72977 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#19 pc 00a6c739 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so (_ZN7content14RenderViewImpl17OnMessageReceivedERKN3IPC7MessageE+7824)
#20 pc 0045d651 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so (_ZN7content15ChildThreadImpl24ChildThreadMessageRouter12RouteMessageERKN3IPC7MessageE+20)
#21 pc 0045c215 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#22 pc 00a5e331 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#23 pc 00a0f315 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#24 pc 00073821 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base5debug13TaskAnnotator7RunTaskEPKcRKNS_11PendingTaskE+116)
#25 pc 0001b873 /data/app/com.google.android.apps.chrome-1/lib/arm/libscheduler.cr.so (_ZN9scheduler16TaskQueueManager24ProcessTaskFromWorkQueueEPNS_8internal9WorkQueueEPNS1_13TaskQueueImpl4TaskE+618)
#26 pc 0001bb2d /data/app/com.google.android.apps.chrome-1/lib/arm/libscheduler.cr.so (_ZN9scheduler16TaskQueueManager6DoWorkEN4base9TimeTicksEb+444)
#27 pc 00019fa3 /data/app/com.google.android.apps.chrome-1/lib/arm/libscheduler.cr.so
#28 pc 00073821 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base5debug13TaskAnnotator7RunTaskEPKcRKNS_11PendingTaskE+116)
#29 pc 0008c60d /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base11MessageLoop7RunTaskERKNS_11PendingTaskE+124)
#30 pc 0008c907 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base11MessageLoop21DeferOrRunPendingTaskERKNS_11PendingTaskE+130)
#31 pc 0008c9af /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base11MessageLoop6DoWorkEv+138)
#32 pc 0008ed23 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base18MessagePumpDefault3RunEPNS_11MessagePump8DelegateE+50)
#33 pc 0008de39 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base11MessageLoop10RunHandlerEv+84)
#34 pc 000a69d1 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base7RunLoop3RunEv+32)
#35 pc 0008be65 /data/app/com.google.android.apps.chrome-1/lib/arm/libbase.cr.so (_ZN4base11MessageLoop3RunEv+28)
#36 pc 00a76cff /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#37 pc 00ae2e3f /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#38 pc 00ae30bf /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so
#39 pc 00ae2809 /data/app/com.google.android.apps.chrome-1/lib/arm/libcontent.cr.so (Java_org_chromium_content_app_ContentMain_nativeStart+228)
#40 pc 0032e00d /data/dalvik-cache/arm/data@app@com.google.android.apps.chrome-1@base.apk@classes.dex
,
Jul 4 2016
Looks like same as 625676. I'll take a first look and reassign if needed. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by schenney@chromium.org
, Jun 29 2016Status: Available (was: Untriaged)